System.Web.HttpContext.Current.User.Identity.Name giving other user's name

Question

I am using windows authentication for my intranet application which was developed in MVC 4.0.

To get the current user using below code.

string userid = System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToUpper();

in Web.config file, i set authentication mode="Windows" and in IIS Enabled Windows Authentication and disabled Ananymous.

Its working fine in local but when i deployed application to windows server 2012 and IIS 8.5 ,am facing two issues which i am unable to fix.

First issue is when user browse the application on their machine they should get logged on user same its fine for one user. But suppose two users browsing the url at same time its displaying same name for both users, its random and displaying any one's name of both two users. I have NOT used session or Caching or cookies in my entire application.

Second issue is randomly users getting credentials popup , when they give correct username and password its not worked.Issue is completely random not sure when they get.

Request you to help on these issues, i tried a lot but didn't find any solution.

Answer 1

That does not seem the right place to get the user info from.

using System.Web;
//...
var name = System.Web.HttpContext.Current.User.Identity.Name
//...

Try this one.

Answer 2

If your site is truly not caching anything, and you have set the no-cache headers appropriately, then it might be a caching proxy server.